Pub Date : 2023-03-07DOI: 10.13052/jcsm2245-1439.1214
V. Kollipara, Sai Koushik Kalakota, Sujith Chamarthi, S. Ramani, Preeti Malik, Marimuthu Karuppiah
The Internet of Things (IoT) has become an emerging technology and is expected to connect billions of more devices to the internet in the near future. With time, more and more devices like wearables, intelligent home systems, and industrial automation devices are getting connected to the internet. IoT devices primarily transfer data using wireless communication networks, introducing more vulnerabilities like man-in-the-middle-attacks and eavesdropping. These security concerns are customary for any device communicating over the internet because of its intrinsic open nature. These problems are usually subdued by conventional cryptographic algorithms used in typical systems that are power-hungry and computationally intensive, making them infeasible to be used in IoT devices since they run on low-powered chips, limiting performance, memory, and bandwidth. Hence, there is a requirement to adopt lightweight cryptographic algorithms that can abate the security issues while using low computational resources, which is the constraint in the given scenario. Hence, we propose an end-to-end secured IoT system that ensures the system’s integrity is never compromised using lightweight cryptographic algorithms. We propose a three-module system, where the first module handles user authentication using a time-based one-time password, the second secures communication using lightweight enhanced RSA, and the third performs data encryption using Feistel-based enhanced SIT. This kind of system is designed to deal with security challenges in IoT devices, ensuring adequate data security while reducing the computational footprint using lightweight cryptography.
{"title":"Timestamp Based OTP and Enhanced RSA Key Exchange Scheme with SIT Encryption to Secure IoT Devices","authors":"V. Kollipara, Sai Koushik Kalakota, Sujith Chamarthi, S. Ramani, Preeti Malik, Marimuthu Karuppiah","doi":"10.13052/jcsm2245-1439.1214","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1214","url":null,"abstract":"The Internet of Things (IoT) has become an emerging technology and is expected to connect billions of more devices to the internet in the near future. With time, more and more devices like wearables, intelligent home systems, and industrial automation devices are getting connected to the internet. IoT devices primarily transfer data using wireless communication networks, introducing more vulnerabilities like man-in-the-middle-attacks and eavesdropping. These security concerns are customary for any device communicating over the internet because of its intrinsic open nature. These problems are usually subdued by conventional cryptographic algorithms used in typical systems that are power-hungry and computationally intensive, making them infeasible to be used in IoT devices since they run on low-powered chips, limiting performance, memory, and bandwidth. Hence, there is a requirement to adopt lightweight cryptographic algorithms that can abate the security issues while using low computational resources, which is the constraint in the given scenario. Hence, we propose an end-to-end secured IoT system that ensures the system’s integrity is never compromised using lightweight cryptographic algorithms. We propose a three-module system, where the first module handles user authentication using a time-based one-time password, the second secures communication using lightweight enhanced RSA, and the third performs data encryption using Feistel-based enhanced SIT. This kind of system is designed to deal with security challenges in IoT devices, ensuring adequate data security while reducing the computational footprint using lightweight cryptography.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"40 1","pages":"77-102"},"PeriodicalIF":0.0,"publicationDate":"2023-03-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80141549","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-31DOI: 10.13052/jcsm2245-1439.1162
Xiang Li
In this study, we propose an optimized network information security evaluation GRA-BPNN model based on gray correlation analysis method combined with BP neural network model, and make corresponding optimization for network information security evaluation index. Simulation experiments are conducted to analyze the experimental model, and the simulation results show that the test sample values reach the best training performance at the 7th iteration after 13 iterations, and the R-values in the regression of training results all reach above 0.99, and the data are well-fitted. When the number of training iterations reaches 13, the training gradient is 0.00067928, the value of Mu is 0.001, and the validity test value is 6. The GRA-BPNN model scores 0.028 higher than the GRA method, which is in line with the expected error, and the higher score also proves that the GRA-BPNN model is more comprehensive and specific in its scoring consideration.
{"title":"Construction of a Smart City Network Information Security Evaluation Model Based on GRA-BPNN","authors":"Xiang Li","doi":"10.13052/jcsm2245-1439.1162","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1162","url":null,"abstract":"In this study, we propose an optimized network information security evaluation GRA-BPNN model based on gray correlation analysis method combined with BP neural network model, and make corresponding optimization for network information security evaluation index. Simulation experiments are conducted to analyze the experimental model, and the simulation results show that the test sample values reach the best training performance at the 7th iteration after 13 iterations, and the R-values in the regression of training results all reach above 0.99, and the data are well-fitted. When the number of training iterations reaches 13, the training gradient is 0.00067928, the value of Mu is 0.001, and the validity test value is 6. The GRA-BPNN model scores 0.028 higher than the GRA method, which is in line with the expected error, and the higher score also proves that the GRA-BPNN model is more comprehensive and specific in its scoring consideration.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"83 1","pages":"755-776"},"PeriodicalIF":0.0,"publicationDate":"2023-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85558597","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-31DOI: 10.13052/jcsm2245-1439.1163
Zehui Liu, Min Guo, Yun Ju
Environmental factors such as channel noise and hardware fingerprints affect the encryption effect of physical layer key generation techniques, resulting in low consistency of generated keys. Feature pre-processing is a common means of improving consistency of keys. However, most of the existing feature pre-processing algorithms improve key consistency by sacrificing key generation rate, which is not very usable. Therefore, it is proposed a physical layer key generation method based on SVD pre-processing. This method uses the SVD feature processing algorithm to pre-process the channel features extracted from both sides of the communication before quantization, in order to simultaneously improve key consistency and key generation rate. The simulation results show that when the channel SNR is greater than 10 dB, the BER of the SVD scheme is significantly lower compared to the scheme without pre-processing and the DCT and PCA pre-processing schemes; when the SNR is greater than 20 dB, the SVD scheme KGR can reach a level of 10bit/s, which is significantly higher than the other three schemes. The results show that this scheme can significantly increase the key generation rate while effectively improving key consistency.
{"title":"Physical Layer Key Generation Method Based on SVD Pre-processing","authors":"Zehui Liu, Min Guo, Yun Ju","doi":"10.13052/jcsm2245-1439.1163","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1163","url":null,"abstract":"Environmental factors such as channel noise and hardware fingerprints affect the encryption effect of physical layer key generation techniques, resulting in low consistency of generated keys. Feature pre-processing is a common means of improving consistency of keys. However, most of the existing feature pre-processing algorithms improve key consistency by sacrificing key generation rate, which is not very usable. Therefore, it is proposed a physical layer key generation method based on SVD pre-processing. This method uses the SVD feature processing algorithm to pre-process the channel features extracted from both sides of the communication before quantization, in order to simultaneously improve key consistency and key generation rate. The simulation results show that when the channel SNR is greater than 10 dB, the BER of the SVD scheme is significantly lower compared to the scheme without pre-processing and the DCT and PCA pre-processing schemes; when the SNR is greater than 20 dB, the SVD scheme KGR can reach a level of 10bit/s, which is significantly higher than the other three schemes. The results show that this scheme can significantly increase the key generation rate while effectively improving key consistency.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"158 1","pages":"777-794"},"PeriodicalIF":0.0,"publicationDate":"2023-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"75057397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-31DOI: 10.13052/jcsm2245-1439.1161
M. Falch, H. Olesen, K. Skouby, R. Tadayoni, Idongesit Williams
Cybercrime has become the most widespread kind of economic fraud and is a serious challenge for businesses around the world. The topic of this paper is how SMEs in the Nordic Baltic Region should face this challenge. Possible technical and organisational tasks to be performed by SMEs in order to ensure cybersecurity of their business are analysed. The paper looks at the different types of hackers and their motives. On this background, current cyberthreats and corresponding security measures are presented. It is concluded that awareness, training, and financial incentives are all important elements in defining a cybersecurity strategy for SMEs. The paper is based on research made in the DINNOCAP project funded by EU regional funds.
{"title":"Cybersecurity Strategies for SMEs in the Nordic Baltic Region","authors":"M. Falch, H. Olesen, K. Skouby, R. Tadayoni, Idongesit Williams","doi":"10.13052/jcsm2245-1439.1161","DOIUrl":"https://doi.org/10.13052/jcsm2245-1439.1161","url":null,"abstract":"Cybercrime has become the most widespread kind of economic fraud and is a serious challenge for businesses around the world. The topic of this paper is how SMEs in the Nordic Baltic Region should face this challenge. Possible technical and organisational tasks to be performed by SMEs in order to ensure cybersecurity of their business are analysed. The paper looks at the different types of hackers and their motives. On this background, current cyberthreats and corresponding security measures are presented. It is concluded that awareness, training, and financial incentives are all important elements in defining a cybersecurity strategy for SMEs. The paper is based on research made in the DINNOCAP project funded by EU regional funds.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"11 1","pages":"727-754"},"PeriodicalIF":0.0,"publicationDate":"2023-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72454902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.32604/jcs.2023.040186
Jalaj Pateria, Laxmi Ahuja, S. Som
,
,
{"title":"Seeded Transfer Learning for Enhanced Attack Trace and Effective Deception","authors":"Jalaj Pateria, Laxmi Ahuja, S. Som","doi":"10.32604/jcs.2023.040186","DOIUrl":"https://doi.org/10.32604/jcs.2023.040186","url":null,"abstract":",","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"11 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81787908","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.32604/jcs.2023.042501
Bilal Khan, Muhammad Arshad, Sarwar Shah Khan
The proliferation of maliciously coded documents as file transfers increase has led to a rise in sophisticated attacks. Portable Document Format (PDF) files have emerged as a major attack vector for malware due to their adaptability and wide usage. Detecting malware in PDF files is challenging due to its ability to include various harmful elements such as embedded scripts, exploits, and malicious URLs. This paper presents a comparative analysis of machine learning (ML) techniques, including Naive Bayes (NB), K-Nearest Neighbor (KNN), Average One Dependency Estimator (A1DE), Random Forest (RF), and Support Vector Machine (SVM) for PDF malware detection. The study utilizes a dataset obtained from the Canadian Institute for Cyber-security and employs different testing criteria, namely percentage splitting and 10-fold cross-validation. The performance of the techniques is evaluated using F1-score, precision, recall, and accuracy measures. The results indicate that KNN outperforms other models, achieving an accuracy of 99.8599% using 10-fold cross-validation. The findings highlight the effectiveness of ML models in accurately detecting PDF malware and provide insights for developing robust systems to protect against malicious activities.
{"title":"Comparative Analysis of Machine Learning Models for PDF Malware Detection: Evaluating Different Training and Testing Criteria","authors":"Bilal Khan, Muhammad Arshad, Sarwar Shah Khan","doi":"10.32604/jcs.2023.042501","DOIUrl":"https://doi.org/10.32604/jcs.2023.042501","url":null,"abstract":"The proliferation of maliciously coded documents as file transfers increase has led to a rise in sophisticated attacks. Portable Document Format (PDF) files have emerged as a major attack vector for malware due to their adaptability and wide usage. Detecting malware in PDF files is challenging due to its ability to include various harmful elements such as embedded scripts, exploits, and malicious URLs. This paper presents a comparative analysis of machine learning (ML) techniques, including Naive Bayes (NB), K-Nearest Neighbor (KNN), Average One Dependency Estimator (A1DE), Random Forest (RF), and Support Vector Machine (SVM) for PDF malware detection. The study utilizes a dataset obtained from the Canadian Institute for Cyber-security and employs different testing criteria, namely percentage splitting and 10-fold cross-validation. The performance of the techniques is evaluated using F1-score, precision, recall, and accuracy measures. The results indicate that KNN outperforms other models, achieving an accuracy of 99.8599% using 10-fold cross-validation. The findings highlight the effectiveness of ML models in accurately detecting PDF malware and provide insights for developing robust systems to protect against malicious activities.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"136160128","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.32604/jcs.2022.038791
Abdul Rauf, M. Asif Khan, Hamid Hussain Awan, W. Shahzad, Najeeb Ul Husaan
: In the modern world, law enforcement authorities are facing challenges due to the advanced technology used by criminals to commit crimes. Criminals follow specific patterns to carry out their crimes, which can be identified using machine learning and swarm intelligence approaches. This article proposes the use of the Ant Colony Optimization algorithm to create an associative classification of crime data, which can reveal potential relationships between different features and crime types. The experiments conducted in this research show that this approach can discover various associations among the features of crime data and the specific patterns that major crime types depend on. This research can be beneficial in discovering the patterns leading to a specific class of crimes, allowing law enforcement agencies to take proactive measures to prevent them. Experimental results demonstrate that ACO-based associative classification model predicted 10 out of 16 crime types with 90% or more accuracy based on discovery of association among dataset features. Hence, the proposed approach is a viable tool for application in forensic and investigation of crimes.
{"title":"Discovering the Common Traits of Cybercrimes in Pakistan Using Associative Classification with Ant Colony Optimization","authors":"Abdul Rauf, M. Asif Khan, Hamid Hussain Awan, W. Shahzad, Najeeb Ul Husaan","doi":"10.32604/jcs.2022.038791","DOIUrl":"https://doi.org/10.32604/jcs.2022.038791","url":null,"abstract":": In the modern world, law enforcement authorities are facing challenges due to the advanced technology used by criminals to commit crimes. Criminals follow specific patterns to carry out their crimes, which can be identified using machine learning and swarm intelligence approaches. This article proposes the use of the Ant Colony Optimization algorithm to create an associative classification of crime data, which can reveal potential relationships between different features and crime types. The experiments conducted in this research show that this approach can discover various associations among the features of crime data and the specific patterns that major crime types depend on. This research can be beneficial in discovering the patterns leading to a specific class of crimes, allowing law enforcement agencies to take proactive measures to prevent them. Experimental results demonstrate that ACO-based associative classification model predicted 10 out of 16 crime types with 90% or more accuracy based on discovery of association among dataset features. Hence, the proposed approach is a viable tool for application in forensic and investigation of crimes.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"24 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80957316","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.32604/jcs.2023.045422
Yih Bing Chu, Zhi Min Lim, Bryan Keane, Ping Hao Kong, Ahmed Rafat Elkilany, Osama Hisham Abusetta
The proliferation of digital payment methods facilitated by various online platforms and applications has led to a surge in financial fraud, particularly in credit card transactions. Advanced technologies such as machine learning have been widely employed to enhance the early detection and prevention of losses arising from potentially fraudulent activities. However, a prevalent approach in existing literature involves the use of extensive data sampling and feature selection algorithms as a precursor to subsequent investigations. While sampling techniques can significantly reduce computational time, the resulting dataset relies on generated data and the accuracy of the pre-processing machine learning models employed. Such datasets often lack true representativeness of real-world data, potentially introducing secondary issues that affect the precision of the results. For instance, under-sampling may result in the loss of critical information, while over-sampling can lead to overfitting machine learning models. In this paper, we proposed a classification study of credit card fraud using fundamental machine learning models without the application of any sampling techniques on all the features present in the original dataset. The results indicate that Support Vector Machine (SVM) consistently achieves classification performance exceeding 90% across various evaluation metrics. This discovery serves as a valuable reference for future research, encouraging comparative studies on original dataset without the reliance on sampling techniques. Furthermore, we explore hybrid machine learning techniques, such as ensemble learning constructed based on SVM, K-Nearest Neighbor (KNN) and decision tree, highlighting their potential advancements in the field. The study demonstrates that the proposed machine learning models yield promising results, suggesting that pre-processing the dataset with sampling algorithm or additional machine learning technique may not always be necessary. This research contributes to the field of credit card fraud detection by emphasizing the potential of employing machine learning models directly on original datasets, thereby simplifying the workflow and potentially improving the accuracy and efficiency of fraud detection systems.
{"title":"Credit Card Fraud Detection on Original European Credit Card Holder Dataset Using Ensemble Machine Learning Technique","authors":"Yih Bing Chu, Zhi Min Lim, Bryan Keane, Ping Hao Kong, Ahmed Rafat Elkilany, Osama Hisham Abusetta","doi":"10.32604/jcs.2023.045422","DOIUrl":"https://doi.org/10.32604/jcs.2023.045422","url":null,"abstract":"The proliferation of digital payment methods facilitated by various online platforms and applications has led to a surge in financial fraud, particularly in credit card transactions. Advanced technologies such as machine learning have been widely employed to enhance the early detection and prevention of losses arising from potentially fraudulent activities. However, a prevalent approach in existing literature involves the use of extensive data sampling and feature selection algorithms as a precursor to subsequent investigations. While sampling techniques can significantly reduce computational time, the resulting dataset relies on generated data and the accuracy of the pre-processing machine learning models employed. Such datasets often lack true representativeness of real-world data, potentially introducing secondary issues that affect the precision of the results. For instance, under-sampling may result in the loss of critical information, while over-sampling can lead to overfitting machine learning models. In this paper, we proposed a classification study of credit card fraud using fundamental machine learning models without the application of any sampling techniques on all the features present in the original dataset. The results indicate that Support Vector Machine (SVM) consistently achieves classification performance exceeding 90% across various evaluation metrics. This discovery serves as a valuable reference for future research, encouraging comparative studies on original dataset without the reliance on sampling techniques. Furthermore, we explore hybrid machine learning techniques, such as ensemble learning constructed based on SVM, K-Nearest Neighbor (KNN) and decision tree, highlighting their potential advancements in the field. The study demonstrates that the proposed machine learning models yield promising results, suggesting that pre-processing the dataset with sampling algorithm or additional machine learning technique may not always be necessary. This research contributes to the field of credit card fraud detection by emphasizing the potential of employing machine learning models directly on original datasets, thereby simplifying the workflow and potentially improving the accuracy and efficiency of fraud detection systems.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135267830","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.32604/jcs.2023.043359
Kofi Sarpong Adu-Manu, Richard Kwasi Ahiable
As businesses develop and expand with a significant volume of data, data protection and privacy become increasingly important. Research has shown a tremendous increase in phishing activities during and after COVID-19. This research aimed to improve the existing approaches to detecting phishing activities on the internet. We designed a multi-layered phish detection algorithm to detect and prevent phishing applications on the internet using URLs. In the algorithm, we considered technical dimensions of phishing attack prevention and mitigation on the internet. In our approach, we merge, Phishtank, Blacklist, Blocklist, and Whitelist to form our framework. A web application system and browser extension were developed to implement the algorithm. The multi-layer phish detector evaluated ten thousand URLs gathered randomly from the internet (five thousand phishing and five thousand legitimate URLs). The system was estimated to detect levels of accuracy, true-positive and false-positive values. The system level accuracy was recorded to be 98.16%. Approximately 49.6% of the websites were detected as illegitimate, whilst 49.8% were seen as legitimate.
{"title":"Detecting Phishing Using a Multi-Layered Social Engineering Framework","authors":"Kofi Sarpong Adu-Manu, Richard Kwasi Ahiable","doi":"10.32604/jcs.2023.043359","DOIUrl":"https://doi.org/10.32604/jcs.2023.043359","url":null,"abstract":"As businesses develop and expand with a significant volume of data, data protection and privacy become increasingly important. Research has shown a tremendous increase in phishing activities during and after COVID-19. This research aimed to improve the existing approaches to detecting phishing activities on the internet. We designed a multi-layered phish detection algorithm to detect and prevent phishing applications on the internet using URLs. In the algorithm, we considered technical dimensions of phishing attack prevention and mitigation on the internet. In our approach, we merge, Phishtank, Blacklist, Blocklist, and Whitelist to form our framework. A web application system and browser extension were developed to implement the algorithm. The multi-layer phish detector evaluated ten thousand URLs gathered randomly from the internet (five thousand phishing and five thousand legitimate URLs). The system was estimated to detect levels of accuracy, true-positive and false-positive values. The system level accuracy was recorded to be 98.16%. Approximately 49.6% of the websites were detected as illegitimate, whilst 49.8% were seen as legitimate.","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"135058894","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Phishing Attacks in Social Engineering: A Review","authors":"Kofi Sarpong Adu-Manu, Richard Kwasi Ahiable, Justice Kwame Appati, Ebenezer Essel Mensah","doi":"10.32604/jcs.2023.041095","DOIUrl":"https://doi.org/10.32604/jcs.2023.041095","url":null,"abstract":"","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"15 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78354850","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: